package com.nulijiushimeili.casclient.controller;

import com.nulijiushimeili.casclient.utils.CASUtil;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
public class TestController {

  @RequestMapping("/")
  public String index() {
    return "访问了首页哦";
  }


  @GetMapping(value = "hello")
  public String helloCas(HttpServletRequest request){


    return "I am " + CASUtil.getAccountNameFromCas(request) + ", hello cas!";
  }


  @PreAuthorize("hasAuthority('TEST')")//有TEST权限的才能访问
  @RequestMapping("/security")
  public String security() {
    return "hello world security";
  }

  @PreAuthorize("hasAuthority('ADMIN')")//必须要有ADMIN权限的才能访问
  @RequestMapping("/authorize")
  public String authorize() {
    return "有权限访问";
  }



}

